Image forming apparatus
The image forming apparatus synchronizes user information by verifying input data against the server and disabling cache data if mismatched, addressing authentication discrepancies and ensuring authorized access.
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Applications
- Current Assignee / Owner
- TOSHIBA TEC KK
- Filing Date
- 2024-12-20
- Publication Date
- 2026-07-02
AI Technical Summary
In image forming apparatuses with user authentication, discrepancies between server-side and cache-side user information can lead to unauthorized access and authentication failures due to outdated cached user information, such as when a former employee's ID card is reused or PIN changes are not synchronized.
The image forming apparatus verifies user authentication by comparing input information with server-stored data, disabling cache information if a mismatch is detected, and implementing a confirmation-waiting user function restriction to ensure synchronized user data.
This approach ensures faster and accurate user authentication by maintaining synchronized user information across the server and cache, preventing unauthorized access and ensuring seamless functionality.
Smart Images

Figure 2026110295000001_ABST
Abstract
Description
Technical Field
[0001] Embodiments of the present invention relate to an image forming apparatus.
Background Art
[0002] Conventionally, an image forming apparatus having a user authentication function for restricting the functions of the apparatus main body for unauthenticated users is known. In such an image forming apparatus, user information used for user authentication may be collectively managed by a server outside the image forming apparatus.
[0003] Furthermore, a distributed file system is known that caches files stored in a server on a client and uses the files held in the client's cache area to speed up access to the files without accessing the server when a file access request occurs.
[0004] In an image forming apparatus having a user authentication function that utilizes the caching function of such a distributed file system, user authentication can be speeded up using the cached user information. However, when the user information file (user information) on the server side is updated, there is a problem that a discrepancy occurs between the file (user information) on the server side and the file (user information) held in the cache area of the image forming apparatus.
[0005] For example, when a company reuses the ID card of a former employee as an ID card for another user, if the former employee's user information remains in the image forming machine's cache area, the current user of the ID card may log in as the former employee, potentially preventing them from using the image forming machine. Furthermore, the presence of user information in the image forming machine's cache area could allow an ID card that should have been deleted on the server side to still be usable. Additionally, the presence of user information in the image forming machine's cache area could prevent user authentication from passing even with a PIN (Personal Identification Number) changed on the server side, potentially preventing the use of the image forming machine. [Prior art documents] [Patent Documents]
[0006] [Patent Document 1] Japanese Patent Application Publication No. 7-93205 [Overview of the Initiative] [Problems that the invention aims to solve]
[0007] The problem that this invention aims to solve is to provide an image forming apparatus that speeds up user authentication and matches user information on a server with cached user information. [Means for solving the problem]
[0008] An image forming apparatus according to one embodiment includes a user interface, a memory, a communication interface, and a processor. The user interface receives user information as input. The memory stores the user information. The communication interface communicates with a server that stores the user information. The processor determines that user authentication is successful if the first user information input to the user interface matches the second user information stored in the memory. Subsequently, the processor queries the server to determine whether the first user information matches the third user information stored in the server. If the processor receives a signal indicating that the first user information and the third user information do not match, it controls the system to disable the use of the second user information stored in the memory for user authentication. [Brief explanation of the drawing]
[0009] [Figure 1] Figure 1 is a diagram illustrating an example configuration of a control system including an image forming apparatus. [Figure 2] Figure 2 is a diagram illustrating an example of a standby screen displayed on a screen. [Figure 3] Figure 3 is a diagram illustrating an example of the top screen displayed on the screen. [Figure 4] Figure 4 illustrates an example of user information stored in the server's storage. [Figure 5] Figure 5 illustrates an example of user information stored as a cache in the main memory of an image forming apparatus. [Figure 6] Figure 6 illustrates an example of user information stored as a cache in the main memory of an image forming apparatus. [Figure 7] Figure 7 is a flowchart illustrating the operation of the user authentication process in the image forming apparatus. [Figure 8] Figure 8 is a flowchart illustrating the operation of the user authentication process in the image forming apparatus. [Figure 9]Figure 9 is a flowchart illustrating the operation of the user authentication process in the image forming apparatus. [Figure 10] Figure 10 is a flowchart illustrating the operation of the user authentication process of the image forming apparatus. [Figure 11] Figure 11 is a flowchart illustrating the operation of the user authentication process in the image forming apparatus. [Figure 12] Figure 12 is a flowchart illustrating the operation of the user authentication process in the image forming apparatus. [Figure 13] Figure 13 illustrates an example of the settings screen for the user function restriction function that requires confirmation, as displayed on the screen. [Figure 14] Figure 14 is a flowchart illustrating an example of the operation of an image forming apparatus. [Figure 15] Figure 15 is a flowchart illustrating an example of the operation of an image forming apparatus. [Modes for carrying out the invention]
[0010] The image forming apparatus according to the embodiment will be described below with reference to the drawings. It should be noted that the present invention is not limited to application to image forming apparatuses, but can also be applied to other information processing devices equipped with a user authentication function using an external server.
[0011] Figure 1 is a diagram illustrating an example of the configuration of a control system 1 including an image forming apparatus 10 according to an embodiment.
[0012] The control system 1 includes an image forming apparatus 10 and a server 20. The image forming apparatus 10 and the server 20 are connected to each other via a network 3.
[0013] The image forming apparatus 10 is, for example, a multi-function printer (MFP) that performs various processes such as image formation while transporting a printing medium. The image forming apparatus 10 is, for example, a solid scanning type printer (e.g., an LED printer) that scans an LED array that performs various processes such as image formation while transporting a printing medium. Further, the image forming apparatus 10 may be an inkjet printer that scans an inkjet head that discharges ink (an inkjet printer), or a printer of another type.
[0014] The image forming apparatus 10, for example, charges a photosensitive drum and irradiates the photosensitive drum with light corresponding to print image data to form an electrostatic latent image on the photosensitive drum. The image forming apparatus 10 attaches toner to the latent image formed on the photosensitive drum, transfers the toner attached to the latent image to a printing medium, and forms a toner image on the printing medium. Further, the image forming apparatus 10 applies heat and pressure to the printing medium onto which the toner image has been transferred to fix the toner image on the printing medium.
[0015] The image forming apparatus 10 includes a system controller 11, a scanner 12, a printer unit 13, a communication interface 15, a speaker 16, and a user interface 17. In FIG. 1, the communication interface 15 is abbreviated as NW I / F, and the user interface 17 is abbreviated as UI. The system controller 11, the scanner 12, the printer, the user interface 17, and the communication interface 15 are housed in a housing not shown.
[0016] The system controller 11 controls the entire image forming apparatus 10. The system controller 11 includes, for example, a processor 111, a main memory 112, and a storage 113.
[0017] The processor 111 is an arithmetic element (e.g., CPU: Central Processing Unit) that performs arithmetic processing. The processor 111 is the main component of the operation of the system controller 11. The processor 111 performs various processes based on data such as programs stored in the main memory 112. The processor 111 can perform various operations by executing programs stored in the main memory 112.
[0018] The main memory 112 corresponds to the main memory portion of the image forming apparatus 10. The main memory 112 includes a non-volatile memory area and a volatile memory area. In the non-volatile memory area, the main memory 112 stores the operating system or programs. The main memory 112 uses the volatile memory area as a work area where data is rewritten as appropriate by the processor 111. For example, the main memory 112 includes ROM (Read Only Memory) as a non-volatile memory area. For example, the main memory 112 includes RAM (Random Access Memory) as a volatile memory area.
[0019] The storage 113 corresponds to the auxiliary storage portion of the image forming apparatus 10. For example, the storage 113 includes an HDD (Hard Disk Drive). In addition to the HDD, or instead of the HDD, the storage 113 may include a semiconductor storage medium such as an SSD (Solid State Drive). The storage 113 stores the above-mentioned program, data used by the processor 111 in performing various processes, and data generated by the processing of the processor 111.
[0020] The printer unit 13 includes, for example, a process unit, an exposure unit, a transfer mechanism, a fuser, and a transport unit.
[0021] The process unit comprises a photosensitive drum, a charging charger, and a developing unit. The photosensitive drum is a photoreceptor comprising a cylindrical drum and a photosensitive layer formed on the outer surface of the drum. The photosensitive drum rotates at a constant speed by a drive mechanism (not shown).
[0022] A charging charger uniformly charges the surface of the photosensitive drum. For example, a charging charger uses a charging roller to apply a voltage to the photosensitive drum, thereby charging the drum to a uniform negative potential.
[0023] A developer is a device that deposits toner onto a photosensitive drum. The developer comprises a developer container, an agitation mechanism, a developing roller, and a doctor blade. The developer container receives and stores the toner dispensed from the toner cartridge. A carrier is pre-filled within the developer container. The toner dispensed from the toner cartridge is agitated with the carrier by the agitation mechanism, forming a developer mixture of toner and carrier. The carrier is placed inside the developer container during the manufacturing of the developer. The developing roller rotates within the developer container, depositing the developer onto its surface. The doctor blade is positioned at a predetermined distance from the surface of the developing roller. The doctor blade removes a portion of the developer adhering to the surface of the rotating developing roller. This forms a layer of developer on the surface of the developing roller with a thickness corresponding to the distance between the doctor blade and the surface of the developing roller.
[0024] The exposure unit is equipped with multiple light-emitting elements. The exposure unit forms a latent image on a charged photosensitive drum by irradiating it with light from the light-emitting elements. The light-emitting elements are, for example, light-emitting diodes (LEDs). Each light-emitting element is configured to irradiate light onto a single point on the photosensitive drum. Multiple light-emitting elements are arranged in the main scanning direction, which is parallel to the rotation axis of the photosensitive drum. The exposure unit forms a single line of latent image on the photosensitive drum by irradiating it with light using the multiple light-emitting elements arranged in the main scanning direction. Furthermore, the exposure unit forms multiple lines of latent images by continuously irradiating the rotating photosensitive drum with light.
[0025] In the above configuration, when light from the exposure unit is shone onto the surface of the photosensitive drum, which has been charged by the charging charger, an electrostatic latent image is formed. When the layer of developer formed on the surface of the developing roller comes into close proximity to the surface of the photosensitive drum, the toner contained in the developer adheres to the latent image formed on the surface of the photosensitive drum. As a result, a toner image is formed on the surface of the photosensitive drum.
[0026] The transfer mechanism is configured to transfer the toner image formed on the surface of the photosensitive drum to the printing medium. The transfer mechanism comprises a primary transfer belt, a secondary transfer roller, and several other rollers. The transfer mechanism receives the toner image formed on the surface of the photosensitive drum onto the outer surface of the primary transfer belt. The transfer mechanism transports the toner image on the outer surface of the primary transfer belt to the transfer nip where the secondary transfer roller and the outer surface of the primary transfer belt are in close contact. The transfer mechanism transfers the toner image on the outer surface of the primary transfer belt to the surface of the printing medium by passing the printing medium supplied by the transport unit through the transfer nip.
[0027] The fuser is configured to fix the toner image transferred to the surface of the printing medium to the surface of the printing medium. The fuser comprises a heating element (heat roller) that applies heat to the printing medium, a press element (press roller) that applies pressure to the printing medium, and a heater that heats the heat roller. The press roller applies pressure to the heat roller, forming a fixing nip where the press roller and the heat roller are in close contact. The fuser applies heat and pressure to the printing medium by passing the printing medium, to which the toner image has been transferred by the transfer mechanism, through the fixing nip. In this way, the fuser fixes the toner image formed on the surface of the printing medium. The printing medium that has passed through the fixing nip is discharged to the outside of the image forming apparatus 10 by the transport unit.
[0028] The transport unit supplies the printing media, which are contained in a storage unit (not shown), one by one to the transfer mechanism and the fuser, and discharges the printed media with the image formed on them to an discharge tray outside the housing of the image forming apparatus 10.
[0029] The scanner 12 is installed on top of the main body of the image forming apparatus 10. The scanner 12 is a device that optically reads the image of a document. For example, the scanner 12 reads the image of a document placed on the document glass. The scanner 12 may also be configured to read the image of a document transported by an automatic document feeder (ADF).
[0030] The communication interface 15 is an interface for communicating with the server 20 via the network 3.
[0031] Speaker 16 generates sound according to the audio signal.
[0032] The user interface 17 includes a display 171, input buttons 173, and a card reader 172. The display 171 is a device capable of displaying images and receiving instructions based on user operations on the display 171. The display 171 includes a display device capable of displaying images. The display device is, but is not limited to, a liquid crystal display 171 or an organic electroluminescent (EL) display 171. The display 171 includes an input device stacked on the display device and capable of receiving instructions based on user operations on the display 171. User operations on the display 171 are user operations that involve contact with the display 171.
[0033] The input button 173 is a button that can be physically pressed by the user. The input button 173 is an interface that allows user input of instructions based on user actions directed at the input button 173.
[0034] The card reader 172 is a device that reads information from a card that has a built-in recording medium for storing information including a card ID. The card can be, for example, a contact-type or contactless IC card or a magnetic card. The user information read from the card by the card reader 172 is supplied to the processor 111.
[0035] The image forming apparatus 10 has a user authentication function. The image forming apparatus 10 stores, for example, a program for operating the user authentication function in the main memory 112. The user authentication function performs user authentication based on user information entered through the user interface 17. User information includes, for example, a username, password, card ID, and PIN. The card ID is read, for example, from a card presented by the user by the card reader 172. The username, password, and PIN are entered, for example, by the user using the display 171 and input buttons 173.
[0036] Figure 2 is a diagram illustrating an example of a standby screen 1711 displayed on the display 171. The processor 111 displays the standby screen 1711 on the display 171 when the user authentication function is enabled and the user has not been authenticated. The standby screen 1711 is a screen that displays information prompting the user to authenticate when they try to use the image forming apparatus 10. For example, the standby screen 1711 may display the text, "Touch your card or touch the screen to enter your username and password."
[0037] When the standby screen 1711 is displayed on the display 171, the processor 111 does not accept any operation to use the functions of the image forming apparatus 10. In other words, when the standby screen 1711 is displayed, the image forming apparatus 10 requires user authentication. The functions of the image forming apparatus 10 include, for example, a copy function that forms an image of a document scanned by the scanner 12 onto a printing medium, a print function that forms an image of a specified file onto a printing medium, a scan function that reads a document using the scanner 12, and a setting function that changes various settings of the image forming apparatus 10.
[0038] When the standby screen 1711 is displayed on the display 171, the user presents their card to the card reader 172, sending user information to the processor 111, which then starts the user authentication process to authenticate the user. Alternatively, when the standby screen 1711 is displayed on the display 171, the user touches the screen, transitioning the display 171 to the input screen. The input screen accepts user information input via the display 171 and input buttons 173. When the input screen is displayed on the display 171, the user inputs user information via the display 171 and input buttons 173, sending the user information to the processor 111, which then starts the user authentication process to authenticate the user.
[0039] Figure 3 is a diagram illustrating an example of the top screen 1712 displayed on the display 171. Figure 3 shows the top screen 1712. The top screen 1712 in Figure 3 has a "Copy" button that transitions to a screen for using the copy function, a "Print" button that transitions to a screen for using the print function, a "Scan" button that transitions to a screen for using the scan function, and a "Settings" button that transitions to a screen for using the settings function. The processor 111 displays the top screen 1712 on the display 171 when the user is authenticated. The top screen 1712 is the screen that is displayed on the display 171 when the user is authenticated by the user authentication function. When the top screen 1712 is displayed on the display 171, the processor 111 accepts operations to use the functions of the image forming apparatus 10.
[0040] Returning to the explanation of Figure 1, the server 20 is connected to a network and can communicate with the image forming apparatus 10 via this network 3. The server 20 includes a system controller 21, memory, and a communication interface 22. In Figure 14, the communication interface 22 is abbreviated as NW I / F. The system controller 21 and the communication interface 22 are housed in a casing that is not shown.
[0041] The system controller 21 controls the entire server 20. The system controller 21 includes, for example, a processor 211, main memory 212, and storage 213.
[0042] The processor 211 is an arithmetic element (e.g., a CPU) that performs arithmetic processing. The processor 211 is the main component of the system controller 21's operation. The processor 211 performs various processes based on data such as programs stored in the main memory 212. The processor 211 can perform various operations by executing programs stored in the main memory 212.
[0043] Main memory 212 corresponds to the main memory portion of server 20. Main memory 212 includes non-volatile memory areas and volatile memory areas. In the non-volatile memory area of main memory 212, the operating system or programs are stored. Main memory 212 uses the volatile memory area as a work area where data is rewritten as needed by the processor 211. For example, main memory 212 includes ROM (Read Only Memory) as a non-volatile memory area. For example, main memory 212 includes RAM (Random Access Memory) as a volatile memory area.
[0044] Storage 213 corresponds to the auxiliary storage portion of server 20. For example, storage 213 includes an HDD (Hard Disk Drive). In addition to the HDD, or instead of the HDD, storage 213 may also include a semiconductor storage medium such as an SSD (Solid State Drive). Storage 213 stores the above-mentioned program, data used by processor 211 in performing various processes, and data generated by the processing of processor 211.
[0045] The communication interface 22 is an interface for communicating with the image forming apparatus 10 via the network 3.
[0046] Figure 4 is a diagram illustrating an example of user information stored in the storage 213 of the server 20. The storage 213 has a user information database 2141. The user information database 2141 stores user information, which is information about the user. Each user information record in the user information database 2141 includes the username, password, card ID, and PIN. The username is information that indicates the user's name. The password is information used to verify the user's identity. The card ID is identification information that uniquely identifies the card. The PIN is information that corresponds to the card ID.
[0047] In the user information database 2141 shown in Figure 4, the usernames "abcefg", "hijklm", and "qrstuv" are registered. For example, the record for the username "abcefg" has "ABCD" as the password and "123456789" as the card ID. The PIN field in the record for the username "abcefg" is "(blank)". "(blank)" indicates that the information is not registered.
[0048] Figures 5 and 6 illustrate an example of user information stored as a cache in the main memory 112 of the image forming apparatus 10. The main memory 112 has a user information database 1121 in which user information is registered as a cache. The user information database 1121 of the image forming apparatus 10 registers the username, card ID, and PIN as a cache.
[0049] Figure 5 shows the user information database 1121 of the image forming apparatus 10 when user information has not been cached from the server 20. In the user information database 1121 in Figure 5, the username, card ID, and PIN are not registered, so it is displayed as "(blank)".
[0050] Figure 6 shows the user information database 1121 of the image forming apparatus 10 after user information has been cached from the server 20. Specifically, the user information database 1121 in Figure 6 has cached user information for the usernames "abcefg" and "hijklm". User information for the username "qrstuv" has not been cached and is therefore not registered in the user information database 1121 in Figure 6.
[0051] The image forming apparatus 10 may be configured to save the user information database 1121 stored in the main memory 112 to the storage 113 when the power is turned off. The image forming apparatus 10 may also read the user information database 1121 stored in the storage 113 back into the main memory 112 when the power is turned on.
[0052] This section describes the operation of the image forming apparatus 10 regarding user authentication processing. Figures 7 to 12 are flowcharts illustrating the operation of the image forming apparatus 10 regarding user authentication processing. To make the explanation easier to understand, user information input from the user interface 17 will be referred to as first user information, user information registered in the image forming apparatus 10's user information database 1121 as second user information, and user information registered in the server 20's user information database 2141 as third user information. In addition, the record items of the first user information will be referred to as "first XX". For example, the username of the first user information will be referred to as "first username". Similarly, the record items of the second and third user information will be referred to as "second XX" and "third XX", respectively.
[0053] First, let's explain with reference to Figure 7. When the user authentication function is enabled and the user is not authenticated, the processor 111 displays a standby screen 1711 on the display 171 (ST001). The processor 111 displays the standby screen 1711 or the input screen until a first username and first password are entered (ST002) or a first card ID is entered (ST006).
[0054] When the first username and first password are entered, the processor 111 sends the entered first username and first password to the server 20. The server 20 compares the received first username and first password with the third username and third password in the user information database 2141. If they match, it sends a signal to the image forming apparatus 10 indicating that the first username and first password match the third username and third password. If they do not match, it sends a signal to the image forming apparatus 10 indicating that the first username and first password do not match the third username and third password. If the processor 111 receives a signal indicating that the first username and first password do not match the third username and third password (ST003, No), it displays the standby screen 1711. If the processor 111 receives a signal indicating that the first username and first password match the third username and third password (ST003, Yes), it displays the top screen 1712 as user authentication is complete (ST004). If the processor 111 detects that a user who has completed user authentication has logged out, it displays the standby screen 1711 on the display 171 (ST005, Yes).
[0055] Refer to Figure 7 for further explanation. When the processor 111 receives a first card ID from the card reader 172 (ST006, Yes), it checks the user information database 1121 in the main memory 112 to see if there is a second card ID that matches the first card ID (ST0007). If there is no second card ID that matches the first card ID in the user information database 1121 in the main memory 112 (ST007, No), the processor 111 sends a query to the user information database 2141 of the server 20 to see if there is a third card ID that matches the first card ID (ST008).
[0056] If the processor 111 receives a signal from the server 20 indicating that there is no third card ID that matches the first card ID (ST009, No), the processor 111 displays a standby screen 1711 on the display 171. If the processor 111 receives a signal from the server 20 indicating that there is a third card ID that matches the first card ID (ST009, Yes), the processor 111 caches the third card ID that matches the first card ID and the third PIN associated with the third card ID in the user information database 1121 of the main memory 112 (ST101). Furthermore, if the signal received from the server 20 indicates that there is a third card ID that matches the first card ID and that the third PIN is registered (ST102, No), the processor 111 displays an input screen for entering the PIN on the display 171 (ST103).
[0057] Refer to Figure 4 for an example. When the processor 111 receives the card ID "222222222" from the card reader 172, it sends the card ID to the server 20. If the user information database 2141 contains the card ID "222222222", the server 20 sends a signal to the image forming apparatus 10 that includes the response that the card ID "exists" and the response that the PIN is "1111". Also, for example, if the card ID received by the server 20 is "123456789", it sends a signal to the image forming apparatus 10 that includes the response that the card ID "exists" and the PIN is "(blank)".
[0058] Refer to Figure 8 for further explanation. If the entered first PIN does not match the third PIN (ST104, No), the processor 111 displays a standby screen 1711 on the display 171. If the entered first PIN matches the third PIN (ST104, Yes), the processor 111 displays the top screen 1712 as user authentication is complete (ST105). Also, if the signal received from the server 20 contains a third card ID that matches the first card ID and the third PIN is "(blank)" (ST102, Yes), the processor 111 displays the top screen 1712 as user authentication is complete (ST105). When the processor 111 detects that a user who has completed user authentication has logged out, it displays a standby screen 1711 on the display 171 (ST106, Yes).
[0059] Refer to Figure 9 for explanation. If a second card ID matching the first card ID exists in the user information database 1121 of the main memory 112 (ST007, Yes), the processor 111 checks if a second PIN is registered in the user information database 1121 of the main memory 112 (ST201). If a second PIN is registered in the user information database 1121 of the main memory 112 (ST201, Yes), the processor 111 displays an input screen for entering the PIN on the display 171 (ST202). If the entered first PIN matches the second PIN (ST203, Yes), the processor 111 displays the top screen 1712 as user authentication complete (ST204). Subsequently, the processor 111 sends a query to the user information database 2141 of the server 20 to check if there is a third card ID matching the first card ID (ST205).
[0060] Refer to Figure 10 for further explanation. If the server 20 receives a signal indicating that there is no third card ID that matches the first card ID (ST206, No), the system checks whether a job is currently running (ST207). If a job is running (ST207, YES), the system stops the job (ST208). The job may be, for example, image formation by the printer unit 13 or document scanning by the scanner 12. Whether the job is stopped (ST208) or the job is not running (ST207, No), the processor 111 logs out the user who has completed user authentication (ST209). Subsequently, the system deletes the corresponding second card ID and second PIN used for user authentication from the user information database 1121 in the main memory 112 (ST210). When the processor 111 detects that the user who has completed user authentication has logged out, it displays a standby screen 1711 on the display 171.
[0061] If the processor 111 receives a signal from the server 20 indicating that there is a third card ID that matches the first card ID (ST206, Yes), the processor 111 caches the third card ID that matches the first card ID and the third PIN associated with the third card ID in the user information database 1121 in the main memory 112 (ST211). Furthermore, if the signal received from the server 20 indicates that there is a third card ID that matches the first card ID and that the third PIN is registered (ST212, No), the processor 111 checks whether the first PIN and the third PIN entered in ST202 match (ST213). If the first PIN and the third PIN do not match (ST213, No), the processor 111 proceeds to the process in ST207. If the first PIN and the third PIN entered in ST202 match (ST213, Yes), the processor 111 maintains the state that user authentication is complete. Also, if the signal received from the server 20 contains a third card ID that matches the first card ID and the third PIN is "(blank)" (ST212, Yes), the processor 111 maintains the state that user authentication is complete. When the processor 111 detects that a user who has completed user authentication has logged out, it displays the standby screen 1711 on the display 171 (ST214, Yes).
[0062] Refer to Figure 11 for explanation. If the first PIN entered in ST202 does not match the second PIN (ST203, No), the processor 111 sends a query to the server 20's user information database 2141 to check if there is a third card ID that matches the first card ID (ST301). If the processor 111 receives a signal from the server 20 indicating that there is no third card ID that matches the first card ID (ST302, No), the processor 111 deletes the second card ID that matches the first card ID entered in ST006, and the second PIN associated with the second card ID, from the user information database 1121 in the main memory 112 (ST303). After that, the processor 111 displays the standby screen 1711 on the display 171.
[0063] If the processor 111 receives a signal from the server 20 indicating that there is a third card ID that matches the first card ID (ST302, Yes), the processor 111 caches the third card ID that matches the first card ID and the third PIN associated with the third card ID in the user information database 1121 in the main memory 112 (ST304). Furthermore, if the signal received from the server 20 indicates that there is a third card ID that matches the first card ID and that the third PIN is registered (ST305, No), the processor 111 checks whether the first PIN and the third PIN entered in ST202 match (ST306). If the first PIN and the third PIN do not match (ST306, No), the processor 111 proceeds to the process in ST303. If the first PIN and the third PIN match (ST306, Yes), the processor 111 displays the top screen 1712 as user authentication is complete (ST307). When the processor 111 detects that a user who has completed user authentication has logged out, it displays the standby screen 1711 on the display 171 (ST308, Yes).
[0064] Refer to Figure 12 for further explanation. If the user information database 1121 in main memory 112 contains a second card ID that matches the first card ID (ST007, Yes), and the second PIN is not registered in the user information database 1121 in main memory 112 (ST201, No), the processor 111 displays the top screen 1712 as user authentication complete (ST204). Subsequently, the processor 111 sends a query to the user information database 2141 of server 20 to check if there is a third card ID that matches the first card ID (ST402).
[0065] If the processor receives a signal from server 20 indicating that there is no third card ID that matches the first card ID (ST403, No), it checks whether a job is running (ST404). If a job is running (ST404, YES), it stops the job (ST405). Either the job is stopped (ST405), or the job is not running (ST404, No), processor 111 logs out the user who has completed user authentication (ST406). Then, it deletes the corresponding second card ID used for user authentication and the second PIN associated with the corresponding second card ID from the user information database 1121 in main memory 112 (ST407). When processor 111 detects that a user who has completed user authentication has logged out, it displays a standby screen 1711 on display 171.
[0066] If the processor 111 receives a signal from the server 20 indicating that there is no third card ID that matches the first card ID (ST403, Yes), the processor 111 caches the third card ID that matches the first card ID and the third PIN associated with the third card ID in the user information database 1121 in the main memory 112 (ST408). Furthermore, if the signal received from the server 20 indicates that there is a third card ID that matches the first card ID and that the third PIN is registered (ST409, No), the processor 111 displays an input screen for entering the PIN on the display 171 (ST410). If the entered first PIN does not match the third PIN (ST411, No), the processor 111 proceeds to the ST404 process. If the entered first PIN matches the third PIN (ST411, Yes), the processor 111 maintains the state that user authentication is complete. Furthermore, if the signal received from server 20 contains a third card ID that matches the first card ID, and the third PIN is "(blank)" (ST409, Yes), the processor 111 maintains the state that user authentication is complete. When the processor 111 detects that a user who has completed user authentication has logged out, it displays a standby screen 1711 on display 171 (ST412, Yes).
[0067] Furthermore, if a query is made to server 20 to check if a third card ID exists, and the third card ID does not exist in server 20's user information database 2141, the user may be notified by sounding a beep from speaker 16 or displaying a message on display 171.
[0068] As described above, the image forming apparatus 10 according to this embodiment determines that user authentication is successful when the first user information input to the user interface 17 matches the second user information stored in memory. Subsequently, it queries the server 20 to determine whether the first user information matches the third user information stored in the server 20. If it receives a signal indicating that the first user information and the third user information do not match, it controls the system to delete the second user information from memory. Furthermore, if it receives a signal indicating that the first user information and the third user information do not match, it transitions to a state requiring user authentication. Furthermore, if a job is running when it receives a signal indicating that the first user information and the third user information do not match, it stops the job. This allows for faster user authentication and enables matching of user information on the server 20 with user information cached on the image forming apparatus 10.
[0069] Furthermore, in this embodiment, if user authentication is completed based on the first user information and the second user information, and the image forming apparatus 10 queries the server 20 to see if there is a third card ID in the user information database 2141 that matches the first card ID (for example, ST205 and ST402), the image forming apparatus may be provided with a confirmation-waiting user function restriction function that restricts the functions that the user can use in the image forming apparatus 10 while waiting for a response to the query.
[0070] The image forming apparatus 10 stores, for example, a program for performing a user function restriction function awaiting confirmation in its main memory 112. As described above, the user function restriction function awaiting confirmation is a function that restricts the functions that a user can use in the image forming apparatus 10 when user authentication has been completed based on the first user information and the second user information, and the image forming apparatus 10 is waiting for a response from the server 20 to inquire whether there is a third card ID in the user information database 2141 that matches the first card ID.
[0071] Figure 13 is a diagram illustrating an example of the user function restriction setting screen 1713 that is displayed on the display 171. The user function restriction setting screen 1713 in Figure 13 displays radio buttons for enabling or disabling the user function restriction function that is waiting for inquiry confirmation, and "Enabled" is selected. In addition, checkboxes for restricting each function of the image forming apparatus 10 are displayed, and "Scan Restriction" is selected. In other words, by setting the user function restriction function that is waiting for inquiry confirmation as shown in Figure 13, user authentication is completed based on the first user information and the second user information, and while waiting for a response to the inquiry to the server 20, the processor 111 accepts operations to use the copy function and print function, but does not accept operations to use the scan function.
[0072] The state in which the confirmation-awaiting user function restriction function does not accept operations to use each function of the image forming apparatus 10 is, for example, in the buttons for each function displayed on the top screen 1712, the buttons for functions that are set not to accept operations are grayed out so that even if the button for that function is selected, the user will not be taken to the screen for using that function, or the buttons are hidden so that the buttons for that function cannot be selected.
[0073] The setting for the user function restriction function that requires confirmation is configured, for example, by a user with administrator privileges for the image forming apparatus 10. The setting for the user function restriction function that requires confirmation may be applied to all users using the image forming apparatus 10 according to this embodiment, or it may be applied individually to each user.
[0074] Figure 14 is a flowchart illustrating an example of the operation of the image forming apparatus 10 when the user function restriction function awaiting confirmation is enabled. Figure 14 focuses on parts ST206, ST211 to ST214 of Figure 10 and adds the processing when the user function restriction function awaiting confirmation is enabled. Each process in Figure 10 that is not shown in Figure 14 is the same as that described in Figure 10.
[0075] Refer to Figure 14 for explanation. If the processor 111 receives a signal from the server 20 indicating that there is a third card ID that matches the first card ID (ST206, Yes), the processor 111 restricts the functions of the image forming apparatus 10 that were selected to be restricted in the setting of the user function restriction function awaiting confirmation (ST501). Then, the processor 111 caches the third card ID and the third PIN associated with the third card ID from the server 20 in the user information database 1121 in the main memory 112 (ST211). Furthermore, if the signal received from the server 20 indicates that there is a third card ID that matches the first card ID and that the third PIN is registered (ST212, No), the processor 111 checks whether the first PIN and the third PIN entered in ST202 match (ST213). If the first PIN and the third PIN do not match (ST213, No), the processor 111 proceeds to the process in ST207. If the first PIN and the third PIN entered in ST202 match (ST213, Yes), the processor 111 removes the restriction on the functions of the image forming apparatus 10 that was restricted in ST501 (ST502) and maintains the state in which user authentication is complete. Also, if the signal received from the server 20 contains a third card ID that matches the first card ID and the third PIN is "(blank)" (ST212, Yes), the processor 111 removes the restriction on the functions of the image forming apparatus 10 that was restricted in ST501 (ST502) and maintains the state in which user authentication is complete. When the processor 111 detects that a user who has completed user authentication has logged out, it displays the standby screen 1711 on the display 171 (ST214, Yes).
[0076] Figure 15 is a flowchart illustrating an example of the operation of the image forming apparatus 10 when the user function restriction function awaiting confirmation is enabled. Figure 15 focuses on parts ST403, ST408 to ST412 of Figure 12 and adds the processing when the user function restriction function awaiting confirmation is enabled. Each process in Figure 12 that is not shown in Figure 15 is the same as that described in Figure 12.
[0077] Refer to Figure 15 for further explanation. If the processor 111 receives a signal from the server 20 indicating that there is no third card ID that matches the first card ID (ST403, Yes), it restricts the functions of the image forming apparatus 10 that were selected to be restricted in the settings for the user function restriction function awaiting confirmation (ST503). The processor then caches the third card ID and the third PIN associated with the third card ID from the server 20 in the user information database 1121 of the main memory 112 (ST408). Furthermore, if the signal received from the server 20 indicates that there is a third card ID that matches the first card ID and that the third PIN is registered (ST409, No), the processor 111 displays an input screen for entering the PIN on the display 171 (ST410). If the entered first PIN does not match the third PIN (ST411, No), the processor 111 proceeds to the process in ST404. If the entered first PIN matches the third PIN (ST411, Yes), the processor 111 removes the restriction on the functions of the image forming apparatus 10 that was restricted in ST503 (ST504) and maintains the state in which user authentication is complete. Also, if the signal received from the server 20 contains a third card ID that matches the first card ID and the third PIN is "(blank)" (ST409, Yes), the processor 111 removes the restriction on the functions of the image forming apparatus 10 that was restricted in ST503 (ST504) and maintains the state in which user authentication is complete. When the processor 111 detects that a user who has completed user authentication has logged out, it displays the standby screen 1711 on the display 171 (ST412, Yes).
[0078] As described above, in this embodiment, user authentication has been completed based on the first user information and the second user information, and while the image forming apparatus 10 is waiting for a response from the server 20 to inquire whether there is a third card ID in the user information database 2141 that matches the first card ID, the functions that the user can use in the image forming apparatus 10 can be restricted.
[0079] [Differentiation] The image forming apparatus 10 according to the aforementioned embodiment cached a portion of the user information of the server 20 in the main memory 112. In the modified version, a replica of all of the user information of the server 20 is stored in the main memory 112. That is, instead of caching the third card ID that matches the first card ID and the third PIN associated with the third card ID from the server 20 in the user information database 1121 of the main memory 112, all of the user information stored in the user information database 2141 of the server 20 is stored in the main memory 112. Specifically, in ST101, ST211, ST304, and ST408 of the flowchart of the operation of the image forming apparatus 10 according to the aforementioned embodiment, all of the user information stored in the user information database 2141 of the server 20 is stored in the main memory 112.
[0080] While embodiments and modifications of the present invention have been described above, these embodiments and modifications are presented as examples only and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, substitutions, and modifications can be made without departing from the spirit of the invention. These embodiments and their variations are included in the scope and spirit of the invention, as well as in the claims of the invention and its equivalents. [Explanation of symbols]
[0081] Control system...1 Network...3 Image forming apparatus...10 System controllers...11, 21 User information database...1121, 2141 Scanner...12 Printer unit...13 Communication interfaces: 15, 22 Speakers...16 User Interface...17 Processors: 111, 211 Main memory: 112, 212 Storage...113, 213 Server...20 Display...171 Card reader...172 Input buttons...173 Standby screen...1711 Top screen...1712 User function restriction settings screen awaiting confirmation...1713
Claims
1. A user interface for entering user information, Memory for storing user information, A communication interface that communicates with a server that stores user information, User authentication is determined to be successful when the first user information entered into the user interface matches the second user information stored in the memory. Subsequently, the server is inquired about whether the first user information matches the third user information stored in the server. When a signal is received indicating that the first user information and the third user information do not match, the system controls the system to disable the use of the second user information stored in the memory for user authentication. Processor and An image forming apparatus having
2. When the processor receives a signal indicating that the first user information and the third user information do not match, it transitions to a state requiring user authentication. The image forming apparatus according to claim 1.
3. The processor controls the job to stop if it is running when it receives a signal indicating that the first user information and the third user information do not match. The image forming apparatus according to claim 2.
4. A control system comprising an image forming apparatus and a server, The image forming apparatus is A user interface for entering user information, A first memory that stores user information, A first communication interface that communicates with the server that stores user information, User authentication is determined to be successful when the first user information entered into the user interface matches the second user information stored in the first memory. Subsequently, the server is inquired about whether the first user information matches the third user information stored in the server. When a signal is received indicating that the first user information and the third user information do not match, control is performed to delete the second user information from the first memory. The first processor, It has, The aforementioned server, A second memory for storing user information and A second communication interface for communicating with the aforementioned image forming apparatus, A second processor that, in response to the aforementioned inquiry, determines whether the first user information and the third user information match, and if they do not match, transmits the signal to the image forming apparatus. A control system having
5. A step in which user authentication is determined to be successful if the first user information entered into the user interface matches the second user information stored in memory, A step of querying the server to determine whether the first user information and the third user information stored on the server, which can communicate via the communication interface, match. When a signal is received indicating that the first user information and the third user information do not match, the second user information is deleted from the memory. A control method for an image forming apparatus that sequentially executes the following.